Transcription

1 Acme Packet session border controllers in the enterprise Large enterprises have been expanding their deployments of IP telephony (IPT) for several years now. Planning has already begun to extend the benefits of interactive communications over IP beyond voice services to include real-time presence-based voice, videoconferencing, chat/instant messaging, multimedia collaboration, telepresence, and more. With encouragement from major IT vendors, some enterprises will achieve this objective by deploying suites of integrated real-time applications over IP often referred to as Unified Communications (UC) as well as core business applications enhanced with interactive communications capabilities, e.g., CRM enabled with click-to-call and call recording features. Delivering these real-time, interactive communications services and applications over IP will be critical to fostering business agility, boosting employee accessibility and efficiency, improving customer service, and reducing IT capital and operating costs. But significant challenges in security, interoperability, service assurance and regulatory compliance emerge once enterprises begin migrating voice and video away from service provider TDM services and converging them on IP networks. Session border controllers (SBCs), product solutions extensively used by service providers to address these shortcomings, are now being deployed by enterprises to enable the delivery of secure, high-quality, real-time interactive communications, including IPT and UC. Similarly, service providers are using SBCs in new outsourced interactive communications offerings for enterprises such as hosted contact centers and hosted Voice over IP (VoIP) services. Business challenges The business world is now global, 24/7/365, mobile, and real-time. The emergence of new economic powerhouses like India and China has intensified the competition for customer loyalty and money. The advent of a more globalized economy has meant both improved availability of lower-cost labor and the entry of agile new competitors unburdened by legacy IT infrastructure. Meanwhile, customer expectations of the level of service their vendors provide are rising. Any enterprise that hopes to survive in this environment must optimize the efficiency of its internal and customer-facing business processes by reducing human latency ; the time it takes to identify, access and connect the best-available employees to make decisions, address customer needs and solve problems quickly. In this newly competitive environment, enterprises face a broad spectrum of challenges, including how to: Equip employees with better real-time communications tools to improve the speed and efficiency with which they interact with each other and with customers; this includes adding real-time communications features to core business and productivity applications Build customer loyalty by optimizing business processes such as order entry and inquiry/problem resolution, enabling customers to quickly reach the right employees via the best available communications channels 1

2 Respond to economic and competitive pressures by reducing infrastructure costs, notably by using IT selectively to simplify, optimize and drive cost out of overhead business processes (e.g., travel, communications) Identify processes and skills that are core to the business, and selectively outsource the rest Minimize the enterprise s exposure to risk with appropriate investments in security and business continuity while achieving compliance with all relevant government and commercial regulatory requirements Acme Packet enterprise session border control solutions Acme Packet SBCs enable enterprises to control four critical IP network borders to their data centers that host IPT/UC infrastructure, as shown in Figure 1: IP trunking border connections to service provider IP networks linking the enterprise to the outside world of PSTN and IP endpoints Private network border connections to internal employees located on the enterprise campus LAN and in remote offices connected via private WAN services such as MPLS VPNs Internet border connections to small offices, users working from home and mobile employees over the public Internet Hosted services interconnect border private connections to service providers or Application Service Providers (ASP) that offer hosted IP-based audio and videoconferencing services, IP contact center services, IP Centrex to augment premise-based systems for certain sites, business groups or divisions and VoIPenabled business applications such as salesforce.com. Figure 1 2

3 Comparing SBCs to firewalls with SIP ALG in enterprise VoIP & UC scenarios Overview Voice over IP (VoIP) and unified communications (UC) are increasingly prevalent as standards-based alternatives to closed proprietary communications systems. The expandability, flexibility and cost advantages offered by IP networks provide a highly effective means for enterprises and contact centers to communicate both internally and externally in today s dynamic business and economic climates. Because an organization s communications network is a business-critical resource, IP-based enterprise and contact center communications networks, services and application must be secured. But other requirements, such as maximizing communication service and application interoperability, assuring service availability and quality levels, complying with government regulations and controlling costs must also be met for successful VoIP/UC delivery. How it works firewalls with SIP ALG vs. session border controllers Enterprise firewalls ubiquitous in today s IP networks protect IP data networks, servers and applications against a variety of threats through stateful inspection and filtering at layers 3 and 4 of the OSI model. To enable basic VoIP connectivity through the firewall, some firewalls add SIP application layer gateways (SIP ALGs) that translate embedded SIP addresses, in effect allowing the firewall to maintain a single end-to-end SIP session between endpoints residing on either side of the firewall. Maintains single SIP session through FW Fully state-aware at layer 3 & 4 Only inspects/modifies SIP, SDP addresses Unable to terminate, initiate, re-initiate or respond to SIP signaling messages Only supports static ACLs & policies Implements SIP B2BUA for complete control Fully state-aware at layers 2-7 Inspects/modifies all SIP, SDP header info Can terminate, initiate, re-initiate and respond to SIP signaling messages Supports static and dynamic ACLs & policies By comparison, session border controllers (SBCs) implement a SIP back-to-back user agent (B2BUA) as defined in IETF RFC A B2BUA divides each SIP session into two distinct segments as shown in the diagram below. In doing so, the SBC is able to completely and effectively control SIP sessions, as well as the associated media flows, in ways that SIP ALGs cannot. This unique capability gives SBCs a clear edge in their ability to securely deliver reliable, high-quality IP-based interactive communications. 3

5 IP trunking for PBXs - the enterprise perspective Benefits Enterprises, including contact centers, universities and government organizations, have a growing interest in using SIP and H.323 trunks for interconnecting IP PBX islands and enabling native IP communications for voice, conferencing, messaging and collaboration applications. Moreover, as enterprises migrate to an all IP communications environment, they are looking to service providers to take VoIP traffic from their sites and provide IP-to-PSTN gateway services for inbound and outbound traffic. Enterprises can realize capital and operating expense savings by leveraging more efficient and economical IP connections. Direct VoIP peering between enterprise sites also simplifies the introduction of enhanced communications applications such as unified communications. Several benefits can be realized by leveraging IP trunks for connectivity to the PSTN and other enterprise IP networks and endpoints: Reduce costs, both capital and operating, by eliminating media gateways and TDM voice trunks, while collapsing applications on existing data network Simplify operations by transferring media gateway and PSTN interconnection management to a service provider Accelerate provisioning and deployment as IP interconnects can be provisioned in days as opposed to months Enhance operations with flexible routing policies that provide cost effective call termination, disaster recovery and business continuity Improve quality by eliminating unnecessary IP-to-TDM-to-IP conversions and exploiting high fidelity codecs Enable new services and applications that require end-to-end IP connectivity such as interactive video, presence, instant messaging, multimedia collaboration and unified communication Acme Packet s Net-Net SBCs are designed to satisfy the critical security, application reach maximization, SLA assurance, cost optimization and regulatory compliance requirements to enable IP trunking for enterprises. 5

6 Applications Enterprises are connecting their VoIP networks to service providers and other organizations using IP as opposed to costly TDM hand-offs for a variety of cost-saving applications, including: PSTN termination or origination Enterprise VoIP peering Hosted services call recording, conferencing, contact center Regulatory services emergency services, lawful intercept Challenges Connecting IP PBXs to service providers networks using IP trunks introduces challenges and unique requirements for building a trusted border between the enterprise and service provider. Some of the critical capabilities required at this border include: Security hiding and protecting network resources and user information from attack and misuse Application reach exchanging traffic across heterogeneous networks with differing or conflicting network characteristics such as IP addresses, signaling and transport protocols, codecs, encryption, etc. SLA assurance handling latency sensitive traffic with high priority and maintaining network availability and high service quality during abnormal busy periods Cost optimization routing calls in cost effective manner and capturing session data for accounting and traffic management and planning Regulatory compliance enabling emergency service routing and call recording in order to comply with government regulations for VoIP To overcome these challenges enterprises and services providers are deploying SBCs at both ends of the IP trunk. The SBC enables seamless communications across network borders between the enterprise sites and the service provider network. The SBC is used to mediate the differences in the various networks as well as provide security, quality and cost control at the ingress and egress of those networks. 6

7 Acme Packet Net-Net product family delivers trusted, first-class interactive communications and data Acme Packet s Net-Net family of session border controllers, multiservice security gateways and session routing proxies enable the delivery of trusted, first-class interactive communications voice, video and multimedia sessions and data services across IP network borders. The brand name "Net-Net" reflects the role of these products in interconnecting IP networks to deliver these services and applications. Our Net-Net family supports multiple applications in service provider, enterprise, government and contact center networks from VoIP trunking to hosted enterprise and residential services to fixed-mobile convergence. They satisfy critical security, service assurance and regulatory requirements in wireline, cable and wireless networks; and support multiple protocols SIP, H.323, MGCP/NCS, H.248 and RTSP and multiple border points service provider access and interconnect, and enterprise access and trunking. For enterprises and contact centers, our Net-Net product family enables the secure delivery of a broad range of interactive communications services and applications ranging from basic VoIP to Service Oriented Architecture (SOA)-enabled unified communications. It secures the borders to the service provider IP network, the private VPN connecting major enterprise or contact center sites and the Internet for connecting remote offices, teleworkers and callers to the contact center. It ensures interoperability of both legacy IP-PBX equipment and next-generation unified communications platforms such as Microsoft OCS and manages their traffic load and resource availability. Products All of our products session border controllers (SBC), multiservice security gateways (MSG) and session routing proxies (SRP) operate Acme Packet Net-Net OS. Net-Net OS offers extremely rich functionality in terms of architectural flexibility, signaling protocol breadth, control function and feature depth, carrierclass availability and manageability. It supports all five required border control functions security, service/application reach maximization, SLA assurance, revenue and cost management and regulatory compliance. Net-Net OS operates on all of our hardware platforms - the Net-Net 2600, 3800, 4000 and 9200 series systems and Net-Net 4500 ATCA blade. Our software-only platform, Net-Net OS-E, is also supported on certified third party hardware platforms to satisfy the low-end performance, capacity and price requirements of enterprises and contact centers. Our products, which also include our Net-Net EMS and SAS management tools, help service providers, enterprises, governments and contact centers throughout the world to successfully deliver trusted, first-class IP communications. Acme Packet products by platform 7

8 Net-Net OS-E Net-Net OS-E is a software-only, integrated session border controller (SBC) platform for Acme Packetcertified third-party servers. The server options available provide enterprises, contact centers and Acme Packet partners with the flexibility to choose a system that best matches the performance, capacity and price requirements of the service or application. Net-Net OS-E is also supported in Virtual Machine (VMware or Xen) operating environments. Net-Net 2600 Our Net-Net 2600 platform delivers an integrated SBC configuration optimized for enterprise and contact center applications. The 1U Net-Net 2610 and 2U Net-Net 2620 are Acme Packet-supported Intel quadcore servers operating Net-Net OS-E. They provide all of the critical controls for delivering trusted, first class interactive communications voice, video and multimedia sessions across IP network borders. Net-Net 3800 The Net-Net 3800 platform is our integrated SBC solution for smaller service providers, government defense and security focused agencies, small enterprises and smaller sites within larger organizations. The Net-Net 3800 and all higher capacity platforms feature Acme Packet s custom hardware design tightly integrated with Net-Net OS to satisfy the most critical infrastructure security requirements. Net-Net 4000 This carrier-class platform is the industry s most widely deployed session border controller, delivering unmatched capabilities in a 1U form factor. Comprised of two distinct models, the Net-Net 4250 and Net- Net 4500, the Net-Net 4000 series offers extremely rich functionality, architectural flexibility and signaling protocol breadth, and satisfies all of the performance, capacity, availability and manageability requirements of service providers, enterprises, government organizations and contact centers. Net-Net 9200 Our next-generation platform offers our highest levels of performance, availability and capacity to service provider and large enterprise VoIP/UC deployments in a single 7 RU hardware chassis-based system. The multiprocessor Net-Net 9200 platform, in SBC configurations, also supports transcoding and transrating for a wide selection of wireline and wireless codecs. Net-Net 4500 ATCA blade This ATCA blade is designed to be easily integrated by wireless and wireline communication systems vendors into their ATCA chassis. The blade supports all Acme Packet Net-Net SBC, MSG and SRP configurations, and all of the functions and features supported by Net-Net OS. Consisting of an ATCA front card and rear transition module, the ATCA blade is purpose-built to enable Net-Net OS functions and exploits the power and capacity of the industry s best processing and memory components. 8

9 About Acme Packet Mission Acme Packet enables the delivery of trusted, first-class interactive communications voice, video and multimedia sessions and data services across IP network borders. Our Net-Net family of session border controllers, multiservice security gateways and session routing proxies supports multiple applications in service provider, enterprise and contact center networks from VoIP trunking to hosted enterprise and residential services to fixed-mobile convergence. They satisfy critical security, service assurance and regulatory requirements in wireline, cable and wireless networks; and support multiple protocols SIP, H.323, MGCP/NCS, H.248 and RTSP and multiple border points service provider access and interconnect, and enterprise access and trunking. Markets Our Net-Net family supports multiple applications in service provider, enterprise and contact center networks from VoIP trunking to hosted enterprise and residential services to fixed-mobile convergence. For enterprises and contact centers, our Net-Net product family enables the secure delivery of a broad range of interactive communications services and applications ranging from basic VoIP to Service Oriented Architecture (SOA)-enabled unified communications. It secures the borders to the service provider IP network, the private VPN connecting major enterprise or contact center sites, and the Internet for connecting remote offices, teleworkers and callers to the contact center. It ensures interoperability of both legacy IP-PBX equipment and next-generation unified communications platforms such as Microsoft OCS and manages their traffic load and resource availability. Financial highlights Total revenue (US$ in millions) 9

Executive Summary Enterprise communications is in a state of transformation. Businesses are replacing conventional PBX systems with VoIP and Unified Communications (UC) solutions and cloud-based services

Session Control Applications for Enterprises Driven by Strong Secular Growth Trends The adoption of SIP trunking The explosion of wireless and opt-in communications The emergence of OTT service providers

Executive Summary Service providers, enterprises and contact centers continue to build IP-based infrastructure to lower their operating costs and introduce new IP-enabled offerings such as VoIP, video-over-ip

S-Series SBC Interconnect Solutions A GENBAND Application Note May 2009 Business Requirements A ubiquitous global voice service offering is the challenge among today s large service providers. The need

SIP Trunking and the Role of the Enterprise SBC a Tango Networks ebriefing SIP trunks offer companies of all sizes the opportunity to improve and simplify their communications network while reducing costs.

SIP Trunking Connectivity, Security and Deployment Scenarios Introduction Enterprises have traditionally based their voice communications on an in-premises telephony switch the PBX. Until recently, the

OfficeMaster Gate (Virtual) Enterprise Session Border Controller for Microsoft Lync Server Quick Start Guide October 2013 Copyright and Legal Notice. All rights reserved. No part of this document may be

To IP or Not To IP That is the question As an end user you have many choices with regard to telecommunication including provisioning with PBX s converged PBX s or Key Hybrid systems or pure IP Telephony.

UC Firewall and Session Border Controller Security within and beyond the boundaries Security within and beyond your network s boundaries Our connected world We are living and working in a new world that

How many times have you heard "IP networks don't make any money!" Probably way too many! Compared to the PSTN, IP networks are big zeroes in terms of financial appeal. Today, while data consumes more than

Creating the Unified Multi-Service Demarcation Point Powered by AudioCodes Multi-Service Business Gateways (MSBG) The Challenge Enterprise organizations building their ICT infrastructure face many challenges.

Small Logo SIP Trunking: Deployment Considerations at the Network Edge at the Network Edge Executive Summary The move to Voice over IP (VoIP) and Fax over IP (FoIP) in the enterprise has, until relatively

Virtualizing Open Text Fax Server with Realtime Fax over IP and Open Text Fax Gateway Abstract Computer virtualization is a revolutionary concept that provides organizations with a powerful, simple, and

Fax over IP Contents Introduction Why Fax over IP? How Real-time Fax over IP works Implementation with MessagePlus/Open Summary About this document This document describes how Fax over IP works in general

VoIP in the Enterprise Date: March. 2005 Author: Sonia Hanson Version: 1.1 1 1 Background Voice over IP In the late 1990s Voice over IP (VoIP) was seen as a disruptive new technology that had the potential

Small Logo SIP Trunking: Enabling Wideband Audio for the Dialogic s This white paper is brought to you by Dialogic as part of a continuing series on important communications topics. Dialogic Corporation

The BorderNet Session Border Controller and Network Service providers today are making a fundamental shift away from their traditional ways of doing business and delivering services as they face alternative

Any to Any Connectivity Transparent Deployment Site Survivability The Performance You Want. The Installation Simplicity You Expect. Quintumʼs innovative solutions are The Perfect Fit for Enterprise& Service

Big Solutions for Small Business Enabling SMB Converged Data and Voice Services By Itzik Feiglevitch, Marketing Director Introduction In the coming years, the demand for business VoIP services is expected

Sonus and Lync Enterprise Voice The Challenge. How to integrate Lync to your existing PBX and PSTN lines to enable full Enterprise Voice? Multitude of PBX types from various manufacturers Numerous Interface

Charter Business : White paper SIP Trunking: A new voice in communications service WHITE PAPER With the rise of next-generation technology, business customers have more options than ever from providers

Calculate Your Savings See how the right phone system can improve your bottom line. Are you missing important calls and lost revenue? Are missing important calls and lost revenue? Could you provide a better

As we enter the 21st century, we are experiencing a telecommunications revolution. From a technological perspective, the distinction between voice information and other kinds of data is blurring as circuit-switched

tech line / jul 2013 Time to Start SIP-ing? Can a SIP-based solution add value for your contact center? A look at the key opportunities and considerations. By Ken Barton, and Matt Morey, Strategic Contact

SIP SECURITY JULY 2014 Executive Overview As with any data or communication service, it s important that all enterprises understand potential security issues related to SIP Trunking. This paper provides

SIP Trunking Steps to Success, Part One: Key Lessons from IT Managers Who ve Been There Q&A Session Date: Wednesday, April 13, 2011 Q: You have to partner with a provider in order to do SIP trunking, correct?